class PasswordController < ApplicationController
  # Be sure to include AuthenticationSystem in Application Controller instead
  include AuthenticatedSystem
  before_filter :login_required, :only => [:edit,:update]
  
  def new
  end

  def edit
  	@<%= file_name %> = self.current_user
  end
  
  def reset
  	@<%= file_name %> = <%= class_name %>.find_by_password_reset_code(params[:id])
  	if @<%= file_name %>.nil?
	    logger.error "Invalid Reset Code entered" 
	    flash[:notice] = "Sorry - That is an invalid password reset code. Please check your code and try again. (Perhaps your email client inserted a carriage return?)" 
	    redirect_to('/')
	else
	  self.current_user = @<%= file_name %>
	  render :action => 'edit'
    end
  end
  
  def create
    if @<%= file_name %> = <%= class_name %>.find_by_email(params[:email])
      @<%= file_name %>.forgot_password
      @<%= file_name %>.save
      flash[:notice] = "A password reset link has been sent to your email address" 
    else
      flash[:notice] = "Could not find a user with that email address" 
    end
    redirect_back_or_default(login_path)
  end

  def update
  	@<%= file_name %> = self.current_user.password_reset_code.nil? ? <%= class_name %>.authenticate(current_user.<%= options[:use_email].nil? ? 'login' : 'email' %>, params[:old_password]): self.current_user	
    unless @<%= file_name %>.nil?
      if @<%= file_name %>.update_attributes(params[:<%= file_name %>])
      	@<%= file_name %>.reset_password unless @<%= file_name %>.password_reset_code.nil?
        flash[:notice] = "Password changed" 
        redirect_to('/')
      else
        flash[:notice] = "Password mismatch" 
        render :action => 'edit'
      end
    else
      flash[:notice] = "Wrong password" 
      redirect_to :action => 'edit'
    end
  end
end
